Eric Council Jr., a 26-year-old from Athens, Alabama, has been sentenced to 14 months in federal prison. He played a key role in a cybercrime conspiracy targeting the U.S. Securities and Exchange Commission (SEC). Council and his co-conspirators illegally gained access to the official SEC X account, formerly known as Twitter. They used the SEC X hacked account to post a fake announcement about Bitcoin.
The false message claimed that the SEC had approved Bitcoin Exchange-Traded Funds (ETFs). This misleading post caused Bitcoin’s value to spike sharply.
Soon after, the SEC regained control of its account and confirmed that the announcement was false. The cryptocurrency’s value then dropped by more than $2,000.
A Planned SIM Swap to Hack the SEC X Account
According to court documents, Council was part of a coordinated scheme that began in January 2024. He and others engaged in SIM swapping—a method that involves fraudulently transferring someone’s phone number to another SIM card—in order to gain control of digital accounts.
On January 9, 2024, Council impersonated a victim at an AT&T store in Huntsville, Alabama, using a fake ID he printed himself. He tricked the store employee into issuing a replacement SIM card for the victim’s phone number, which was connected to the SEC’s official X account.
Council then walked into a nearby Apple store, purchased a new iPhone, and used the stolen SIM card to activate the device. With control over the phone number, he received password reset codes for the @SECgov X account. He took a photo of the reset code and shared it with his co-conspirators before returning the phone for a cash refund.
Soon after, the group used the reset code to access the SEC’s X account. They posted a fake announcement claiming that the SEC had approved Bitcoin ETFs. This false information caused Bitcoin’s value to spike by more than $1,000. Once the SEC regained control of the account and confirmed the post was fake, Bitcoin’s value dropped by over $2,000.
Federal Officials Respond
Federal authorities described the cyberattack as a direct threat to financial markets and public trust.
“Schemes of this nature threaten the health and integrity of our market system,” said U.S. Attorney Pirro. “SIM swap schemes threaten the financial security of average citizens, financial institutions, and government agencies. Don’t fool yourself into thinking you can’t be caught.”
Matthew R. Galeotti from the Justice Department added, “Council and his co-conspirators used sophisticated cyber means to compromise the SEC’s X account and posted a false announcement that distorted important financial markets.”
FBI Assistant Director in Charge Jensen described Council’s actions as “brazen” and said the sentencing proves that digital fraudsters will be found and held accountable. Amanda James, Special Agent in Charge at the SEC Office of Inspector General (OIG), emphasized the agency’s commitment to maintaining the integrity of SEC operations.
Evidence of Further Plots
During a June 2024 FBI search of Council’s apartment in Athens, Alabama, investigators uncovered further evidence of planned SIM swap attacks. They found a fake ID card, a portable ID card printer, and a laptop containing templates for additional fake IDs.
The laptop also revealed internet searches that included:
- “SECGOV hack”
- “telegram sim swap”
- “how can I know for sure if I am being investigated by the FBI”
- “federal identity theft statute”
- “how long does it take to delete telegram account”
These searches pointed to the Council’s growing concern over potential law enforcement scrutiny, as well as his continued intent to engage in criminal activity.
Authorities revealed that Council had attempted additional SIM swaps in June 2024 and went by online aliases such as “Ronin” and “Agiantschnauzer.” He was arrested on October 17, 2024, and admitted to receiving approximately $50,000 for carrying out SIM swapping tasks.
Council pleaded guilty on February 10, 2025, to conspiracy to commit aggravated identity theft. Along with the prison sentence, Judge Amy Berman Jackson of the District Court ordered him to forfeit the $50,000 he earned and imposed a three-year supervised release term. As a condition of his release, Council is banned from using computers to access the dark web or to commit any further identity-related crimes.
What Is SIM Swapping?
A SIM card, or Subscriber Identity Module, is a small chip that connects a phone to a mobile network. SIM swapping is a type of identity theft where a criminal convinces a mobile carrier to transfer a victim’s phone number to a SIM card under their control. Once successful, the attacker can receive text messages and calls meant for the victim, including two-factor authentication codes for social media or financial accounts.
This form of attack allows hackers to bypass security systems and gain access to sensitive information and digital platforms. In Council’s case, SIM swapping enabled unauthorized access to a government social media account, which was then used to manipulate financial markets.
A Coordinated Federal Effort
The case was jointly investigated by several federal agencies, including:
- FBI Washington Field Office’s Criminal and Cyber Division
- SEC Office of Inspector General
- U.S. Attorney’s Office for the District of Columbia
- Computer Crime and Intellectual Property Section (CCIPS)
- Justice Department’s Fraud Section Market Integrity and Major Frauds Unit
The FBI’s Birmingham Field Office also provided key support during the investigation.
Lawmakers Confirm One-Day Cyber Pause in Separate Case
In a separate development, Rep. Don Bacon of Nebraska addressed concerns about a pause in U.S. offensive cyber operations against Russia. During a House Armed Services Committee hearing, Bacon clarified that the halt lasted only one day.
“I actually dug into this whole matter. It was a one-day pause, which is typical for negotiations,” said Bacon, who chairs the House subcommittee on cyber issues. He was referring to the Trump administration’s efforts to curb Russia’s military actions in Ukraine. “That’s just about as much as I can say,” he added.
While unrelated to the SEC hacking case, this update reflects the broader attention being paid to cyber operations and cybersecurity threats by both the government and lawmakers.
